package com.wss.gateway.config;

import com.google.common.collect.Lists;
import com.netflix.discovery.converters.Auto;
import com.wss.gateway.service.PermissionService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain;

import java.util.List;


@Configuration
@EnableWebFluxSecurity
public class SecurityConfig   {


    /**
     * 此处的代码会放在SecurityConfig类中，此处只是摘要下，里面的handler在下文会详细介绍
     * @param http
     * @return
     */

   private static String[] urls= null;
   static {
       List<String> list = Lists.newArrayList("/api-user/**");
       urls=list.toArray(new String[list.size()]);
   }

    @Bean
    SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity  http) {

        ServerHttpSecurity.AuthorizeExchangeSpec exchangeSpec = http.csrf().disable().httpBasic().disable().authorizeExchange()
                .pathMatchers(urls).permitAll();

        access(exchangeSpec.anyExchange());

        SecurityWebFilterChain chain = exchangeSpec.and().build();

        return  chain;

//        ServerHttpSecurity.FormLoginSpec formLoginSpec = http.formLogin();
//        formLoginSpec.authenticationSuccessHandler(createAuthenticationSuccessHandler())
//                .loginPage("/login")
//                .authenticationFailureHandler(createAuthenticationFailureHandler());
//        return formLoginSpec.and()
//                .csrf().disable()
//                .httpBasic().disable()
//                .authorizeExchange()
//                .pathMatchers(AUTH_WHITELIST).permitAll()
//                .anyExchange().authenticated()
//                .and().build();
    }

    @Autowired
    private PermissionService permissionService;

    private void access(ServerHttpSecurity.AuthorizeExchangeSpec.Access anyExchange) {
        anyExchange.access(permissionService);
        return;
    }

}
